Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Prośba o sprawdzeni logów FRST

mayday25 05 Lut 2017 21:58 249 3
  • #2 05 Lut 2017 23:07
    Kolobos
    Spec od komputerów

    Odinstaluj:
    Adobe Reader 9.1 MUI
    AVG PC TuneUp 2014 (pl-PL)
    BrowseMark
    Browser-Security
    web control version 1.0.0.2

    Zainstaluj http://ninite.com/foxit/

    Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun: http://www.bleepingcomputer.com/download/adwcleaner/

    Obok frst.exe utworz plik Fixlist.txt z zawartoscia:
    Task: {2BF078C1-51A2-48BA-917C-45235B70DA02} - System32\Tasks\{FD0B6230-ACE3-4BEC-B0E3-0885A1263878} => pcalua.exe -a "D:\ct łokiec\CDVIEWER.EXE" -d "D:\ct łokiec"
    HKU\S-1-5-21-2416977680-1910873838-3357786379-1000\...\MountPoints2: E - E:\AutoRun.exe
    HKU\S-1-5-21-2416977680-1910873838-3357786379-1000\...\MountPoints2: F - F:\AutoRun.exe
    HKU\S-1-5-21-2416977680-1910873838-3357786379-1000\...\MountPoints2: {14facf1b-c57d-11e3-97aa-3859f94fe7b1} - F:\AutoRun.exe
    HKU\S-1-5-21-2416977680-1910873838-3357786379-1000\...\MountPoints2: {14facf44-c57d-11e3-97aa-3859f94fe7b1} - E:\AutoRun.exe
    HKU\S-1-5-21-2416977680-1910873838-3357786379-1000\...\MountPoints2: {7d94bc9d-d57d-11e5-9396-3859f94fe7b1} - E:\AutoRun.exe
    HKU\S-1-5-21-2416977680-1910873838-3357786379-1000\...\MountPoints2: {8878f208-cc47-11e5-97f9-b870f4a9cf16} - E:\AutoRun.exe
    HKU\S-1-5-21-2416977680-1910873838-3357786379-1000\...\MountPoints2: {97178ba1-ce45-11e5-92e1-b870f4a9cf16} - E:\AutoRun.exe
    HKU\S-1-5-21-2416977680-1910873838-3357786379-1000\...\MountPoints2: {97178bac-ce45-11e5-92e1-b870f4a9cf16} - E:\AutoRun.exe
    HKU\S-1-5-21-2416977680-1910873838-3357786379-1000\...\MountPoints2: {f56512bf-bbd8-11e5-b87f-3859f94fe7b1} - E:\AutoRun.exe
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    BootExecute:
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    FF user.js: detected! => C:\Users\pawel\AppData\Roaming\Mozilla\Firefox\Profiles\ziv4cfn0.default-1452794668783\user.js [2016-08-07]
    FF Extension: (Browser-Security) - C:\Users\pawel\AppData\Roaming\Mozilla\Firefox\Profiles\ziv4cfn0.default-1452794668783\Extensions\firefox@browser-security.de.xpi [2016-11-05]
    S2 Update BrowseMark; "C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe" [X]
    S2 Util BrowseMark; "C:\Program Files (x86)\BrowseMark\bin\utilBrowseMark.exe" [X]
    S3 massfilter; system32\drivers\massfilter.sys [X]
    2017-02-05 18:26 - 2016-08-07 19:05 - 00000000 ____D C:\Users\pawel\AppData\Roaming\Browser-Security
    EmptyTemp:

    W FRST wybierz Napraw.

    Usun katalog C:\FRST.

    Zamiesc screen z:
    CrystalDiskInfo: http://portableapps.com/apps/utilities/crystaldiskinfo_portable
    Process Explorer: https://technet.microsoft.com/pl-pl/sysinternals/processexplorer
    (cale okna)

    0